Cisco warns of sensor flaw

By
Matthew Broersma
| Aug 24, 2005

Share

TwitterFacebookLinkedInGoogle Plus

Networking giant Cisco Systems has warned of a security flaw affecting two of its widely used security systems.

The flaw, involving SSL (Secure Sockets Layer), affects CiscoWorks Management Center for IDS Sensors, known as IDSMC, and a related product, Monitoring Center for Security, also called Security Monitor or Secmon.

In an advisory, Cisco said an attacker could use the bug to pretend to be a legitimate Cisco Intrusion Detection Sensor (IDS) or Intrusion Prevention System (IPS).

That could allow the attacker to collect login credentials, submit false data to IDSMC and Secmon or filter what data the two products see. Filtering could be used, for instance, to keep the security products from detecting an attack.

"If exploited, the attacker may be able to gather login credentials, submit false data to IDSMC and Secmon or filter legitimate data from IDSMC and Secmon, thus impacting the integrity of the device and the reporting capabilities of it," Cisco stated.